dso407787736 2012-03-09 11:58
浏览 55
已采纳

实施Facebook Credits - 应用程序无响应(回调imeplemntation中的signed_request解析错误)

This is the continuation of the my earlier post

Since yesterday I have been trying to implement the facebook credits following the official tutorials. May be my noobness or the inadequate information I faced lot of problem which I have resolved one by one and I have arrived to the final step (hopefully)

I guess there is something to do with order_info which I am not sure

I have created a basic page based on the tutorial given here. This page has a simple button. Upon clicking on it calls the placeOrder() function which is almost copy paste code given in the tutorial.

Now, I get this error message

enter image description here

The callback.php is also implemented and seems like FB has pinged the callback.php. But the problem seems to be that the signed_request is not as expected.

I got this error message from the apache log

[Fri Mar 09 11:17:20 2012] [error] [client 66.220.146.244] Unknown algorithm. Expected HMAC-SHA256 but got data dump:

Note: (but got data dump are the extra debug variables which I have added to find what is coming the $data['algorithm'] and $data entirely

I have implemented code to dump the signed_request variable in the db for further debugging and from debugging I have debugged and traced

Here is the complete code of callback.php

<?php

//based on https://developers.facebook.com/docs/credits/callback/


include_once 'Config.php';

mysql_connect('myhost','usr','zzz');
mysql_select_db("mydb");

//dump the request into the db
$request = join(':', $_REQUEST);
$request = mysql_real_escape_string($request);
$query = "insert into fbcredits_callback(data)values('$request')";
$result = mysql_query($query);

$fb_signed_req = $_REQUEST['signed_request'];

echo parse_signed_request($signed_request, Config::$appSecret);

function parse_signed_request($signed_request, $secret) {
  list($encoded_sig, $payload) = explode('.', $signed_request, 2); 

  // decode the data
  $sig = base64_url_decode($encoded_sig);
  $data = json_decode(base64_url_decode($payload), true);

  if (strtoupper($data['algorithm']) !== 'HMAC-SHA256') {
   error_log('Unknown algorithm. Expected HMAC-SHA256 but got '.$data['algorithm'].'data dump:'.join(':',$data));
   return null;
  }

  // check sig
  $expected_sig = hash_hmac('sha256', $payload, $secret, $raw = true);
  if ($sig !== $expected_sig) {
    error_log('Bad Signed JSON signature!');
    return null;
  }

  return $data;
}

function base64_url_decode($input) {
  return base64_decode(strtr($input, '-_', '+/'));
}

?>

The above error message is generated at this line

  if (strtoupper($data['algorithm']) !== 'HMAC-SHA256') {
   error_log('Unknown algorithm. Expected HMAC-SHA256 but got '.$data['algorithm'].'data dump:'.join(':',$data));
   return null;
  }

Update: I debugged the output step by step, at below step $data returns null

 $data = json_decode(base64_url_decode($payload), true);

Which means the decoding is not happening properly. Can some one tell me what is going wrong here?

Complete code of buy.php

<?php 
include_once 'Config.php';
include_once 'fb-sdk/facebook.php';
?>
<html>
    <head>
      <title>My Facebook Credits Page</title>
    </head>
    <body>
<div id="fb-root"></div>
<script src="http://connect.facebook.net/en_US/all.js"></script>
<script>
  FB.init({
    appId  : '<?php echo Config::$appId?>',
    status : true, // check login status
    cookie : true, // enable cookies to allow the server to access the session
    xfbml  : false, // parse XFBML
    channelUrl : 'http://199.192.xxx.yyy/buy.php', // channel.html file
    oauth  : true // enable OAuth 2.0
  });

var callback = function(data) {
    if (data['order_id']) {
        alert('called back');
      return true;
    } else {
      //handle errors here
      alert('some error');
      return false;
    }
  };

function placeOrder(){

    alert('in placeOrder()');

    var order_info = {
        item_code: "someItemCode",
        user_id: "1313213131"
    };
    alert('creating obj');

    var obj = {
            method: 'pay',
            order_info: order_info,
            action: 'buy_item',
            dev_purchase_params: {'oscif': true},
         app_id: '<?php echo Config::$appId?>'
          };
     alert('calling ui');
     FB.ui(obj, callback);

}

</script>

<input type="button" value="post" onclick="postFeed()" />
<input type="button" value="Buy" onclick="placeOrder()" />
</body>
</html>

Additional info:

  • My webserver has SSL support (installed test certificate from verizon)
  • Sandbox mode enabled (tried disabling also)
  • 写回答

1条回答 默认 最新

  • douxing9228 2012-03-10 11:17
    关注

    Well I have resolved it. I read the callback documentation carefully once again and found what mistake I was doing.

    I was just parsing the signed_request and sending back the parsed data but I am suppose to send back the content

    That is not the end, there is more to do which is documented well there with complete example.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 #MATLAB仿真#车辆换道路径规划
  • ¥15 java 操作 elasticsearch 8.1 实现 索引的重建
  • ¥15 数据可视化Python
  • ¥15 要给毕业设计添加扫码登录的功能!!有偿
  • ¥15 kafka 分区副本增加会导致消息丢失或者不可用吗?
  • ¥15 微信公众号自制会员卡没有收款渠道啊
  • ¥15 stable diffusion
  • ¥100 Jenkins自动化部署—悬赏100元
  • ¥15 关于#python#的问题:求帮写python代码
  • ¥20 MATLAB画图图形出现上下震荡的线条